Archive

Category Archives for "Network World Security"

Microsoft adds resiliency, redundancy, security to Windows Server 2019

With Windows Server 2019, Microsoft is adding resiliency and redundancy enhancements to the Shielded Virtual Machines security controls it introduced with Windows Server 2016.Shielded VMs originally provided a way to protect virtual machine assets by isolating them from the hypervisor infrastructure and could also help prove to auditors that systems were adequately isolated and controlled. Now Shielded VM enhancements in Window Server 2019 provide real-time failback configurations and host- and policy-based security improvements.[ Don’t miss customer reviews of top remote access tools and see the most powerful IoT companies . | Get daily insights by signing up for Network World newsletters. ] Host key attestation Under Windows Server 2016, key authentication was based on trusted platform module (TPM) cryptoprocessors and Microsoft Active Directory authentication. Both of these are great solutions but were limited when it comes to extensibility and redundancy.To read this article in full, please click here(Insider Story)

Automation critical to scalable network security

Securing the business network has been and continues to be one of the top initiatives for engineers. Suffering a breach can have catastrophic consequences to a business, including lawsuits, fines, and brand damage from which some companies never recover.To combat this, security professionals have deployed a number of security tools, including next-generation firewalls (NGFW) such as Cisco’s Firepower, which is one of the most widely deployed in the industry. Managing firewalls becomes increasingly difficult Managing a product like Firepower has become increasingly difficult, though, because the speed at which changes need to be made has increased. Digital businesses operate at a pace never seen before in the business world, and the infrastructure teams need to keep up. If they can’t operate at this accelerated pace, the business will suffer. And firewall rules continue to grow in number and complexity, making it nearly impossible to update them manually.To read this article in full, please click here

Supermicro is the latest hardware vendor with a security issue

Security researchers with Eclypsium, a firm created by two former Intel executives that specializes in rooting out vulnerabilities in server firmware, have uncovered vulnerabilities affecting the firmware of Supermicro servers. Fortunately, it’s not easily exploited.The good news is these vulnerabilities can be exploited only via malicious software already running on a system. So, the challenge is to get the malicious code onto the servers in the first place. The bad news is these vulnerabilities are easily exploitable and can give malware the same effect as having physical access to this kind of system.“A physical attacker who can open the case could simply attach a hardware programmer to bypass protections. Using the attacks we have discovered, it is possible to scale powerful malware much more effectively through malicious software instead of physical access,” Eclypsium said in a blog post announcing its findings.To read this article in full, please click here

What happens if IoT security doesn’t get solved?

Sometimes, confirmation of the obvious can be really important. At least, that’s how I felt when I saw a new Bain & Company report, Cybersecurity Is the Key to Unlocking Demand in IoT. According to the consulting firm’s survey, 45 percent of Internet of Things (IoT) buyers say “concerns about security remain a significant barrier and are hindering the adoption of IoT devices.” Worries over IoT security are hardly news, of course. I’ve been writing about them here on Network World for a while, and a quick internet search for IoT security rains down more than a million hits.To read this article in full, please click here

SDNs and NFV are complementary and core components of modernized networks

The terms software defined networking (SDN) and network functions virtualization (NFV) are often used interchangeably, which is incorrect.  In a sense, the two are tied together as companies start using NFV as part of their SDN plans but that doesn’t have to be the case.Enterprises could maintain their current network architecture and shift to NFV or they could roll out an SDN and never leverage the benefits of NFV, so it’s important to understand what each is and the benefits of both.[ For more on SDN see where SDN is going and learn the difference between SDN and NFV. | Get regularly scheduled insights by signing up for Network World newsletters. ] What is software-defined Networking SDNs are a fundamentally different way to think about networks.  Technically, SDNs can be defined as the separation of the management, control and data-forwarding planes of networks.  Many people, including technical individuals read that definition and say, “So what?”, but the separation of these planes has a profound impact on networks and enables things that have never been done before.To read this article in full, please click here

Cato Networks adds threat hunting to its Network as a Service

Enterprises that have grown comfortable with Software as a Service (SaaS), Infrastructure as a Service (IaaS) and Platform as a Service (IaaS) are increasingly accepting of Network as a Service (NaaS). NaaS is a rapidly growing market. According to Market Research Future, NaaS is expected to become a US $126 billion market by 2022, sustaining an annual growth rate of 28.4 percent.One of the key benefits of cloud-based networking is increased security for applications and data. Given that the traditional perimeter of on-premise networks has been decimated by mobile and cloud computing, NaaS builds a new perimeter in the cloud. Now it’s possible to unify all traffic – from data centers, branch locations, mobile users, and cloud platforms – in the cloud. This means an enterprise can set all its security policies in one place, and it can push traffic through cloud-based security functions such as next-generation firewall, secure web gateway, advanced threat protection, and so on.To read this article in full, please click here

Study shows admins are doing a terrible job of patching servers

Open source has taken over the server side of things, but admins are doing a terrible job of keeping the software patched and up to date.Black Duck Software, a developer of auditing software for open-source security, has released its annual Open Source Security and Risk Analysis, which finds enterprise open source to be full of security vulnerabilities and compliance issues.[ For more on IoT security see our corporate guide to addressing IoT security concerns. | Get regularly scheduled insights by signing up for Network World newsletters. ] According to the study, open-source components were found in 96% of the applications the company scanned last year, with an average of 257 instances of open source code in each application.To read this article in full, please click here

22 essential security commands for Linux

There are many aspects to security on Linux systems – from setting up accounts to ensuring that legitimate users have no more privilege than they need to do their jobs. This is look at some of the most essential security commands for day-to-day work on Linux systems.sudo Running privileged commands with sudo  – instead of switching user to root  – is one essential good practice as it helps to ensure that you only use root privilege when needed and limits the impact of mistakes. Your access to the sudo command depends on settings in the /etc/sudoers and /etc/group files. [ Two-Minute Linux Tips: Learn how to master a host of Linux commands in these 2-minute video tutorials ] $ sudo adduser shark Adding user `shark' ... Adding new group `shark' (1007) ... Adding new user `shark' (1007) with group `shark' ... Creating home directory `/home/shark' ... Copying files from `/etc/skel' ... Enter new UNIX password: Retype new UNIX password: passwd: password updated successfully Changing the user information for shark Enter the new value, or press ENTER for the default Full Name []: shark Room Number []: Work Phone []: Home Phone []: Other []: Is the information correct? [Y/n] Y If you run sudo Continue reading

22 essential Linux security commands

There are many aspects to security on Linux systems – from setting up accounts to ensuring that legitimate users have no more privilege than they need to do their jobs. This is look at some of the most essential security commands for day-to-day work on Linux systems.sudo Running privileged commands with sudo  – instead of switching user to root  – is one essential good practice as it helps to ensure that you only use root privilege when needed and limits the impact of mistakes. Your access to the sudo command depends on settings in the /etc/sudoers and /etc/group files. [ Two-Minute Linux Tips: Learn how to master a host of Linux commands in these 2-minute video tutorials ] $ sudo adduser shark Adding user `shark' ... Adding new group `shark' (1007) ... Adding new user `shark' (1007) with group `shark' ... Creating home directory `/home/shark' ... Copying files from `/etc/skel' ... Enter new UNIX password: Retype new UNIX password: passwd: password updated successfully Changing the user information for shark Enter the new value, or press ENTER for the default Full Name []: shark Room Number []: Work Phone []: Home Phone []: Other []: Is the information correct? [Y/n] Y If you run sudo Continue reading

Asigra evolves backup/recovery to address security, compliance needs

As backup and recovery products and solutions evolve, they are beginning to intersect with security and compliance. Online backup and recovery software company Asigra has announced a new version of its software that addresses the risks posed by ransomware and non-compliance with Article 17 of the European Union’s General Data Protection Regulation (GDPR). Both should be a concern for organizations of all sizes, from global enterprises on down to small/medium businesses.Let’s take a look at the new capabilities that Asigra is bringing to market with the version 14 release of its Cloud Backup software, and why these capabilities are an important evolution in backup and recovery.To read this article in full, please click here

Cisco CEO trumpets Catalyst 9K advances, software business success

Industry bellwether Cisco revealed some important financial numbers this week – its revenues were $12.5 billion, up 4 percent for the third quarter year-over-year, with product revenue up 5 percent.But one of the of the more interesting tidbits is that the company said it was selling some 40 Catalyst 9000 systems a day in and has installed 2,700 of the big boxes this quarter bring the total to 5,800 since its introduction in 2017. The Catalyst 9000 is key to a number of Cisco’s future initiatives – one of the most important being its drive to build out its Network Intuitive plans for intent-based networking.[ Related: Getting grounded in intent-based networking] | The other is that the way its software is sold – via a variety of subscription/feature levels is a key component of its overall strategy to become a more software-oriented company.To read this article in full, please click here

1 2 3 282